Recent developments in technology have made access easier to publicly available computer networks, such as the Internet. The exchange of information between private computer networks and users attached to the Internet presents a challenge to protect information located on such private networks from unauthorized access by outside Internet users, and from unauthorized export by private users to the outside. For example, a group of private users who work for the same entity may need to have access to common data but desire to shield such information from disclosure to outsiders. Recently, accounts have publicized the vulnerability of even the Pentagon's computer system to break-ins by public Internet users known as "crackers." In breaking into private computer networks, crackers have been able to erase files or disks, cancel programs, retrieve sensitive information and even introduce computer viruses, Trojan horses and/or worms into those private networks.
Another related problem is security among related private computer networks. For example, many companies have branches located in various parts of the country. Each branch may contain a computer network and each of these local computer networks are interconnected in a company-wide computer network. It is desirable in the use of such computer networks to prevent unauthorized access to one of the local computer networks from another of the local computer networks.
For communication on the Internet, the protocol suite Transmission Control Protocol/Internet Protocol (TCP/IP) provides a standardized communication format between nodes on a computer network and between computer networks. This protocol suite is used inside and among private computer networks, as well. Private computer networks are often linked to other private computer networks, such as in a company where multiple user groups exist in the organization with corresponding multiple computer networks. The risk of break-ins and computer misuse by one such private network by users of another private network is also present. For example, a disgruntled employee working from a local area network (LAN) in one organization of the company may break into the private computer network of another organization with the company and cause files to be altered or erased or place viruses, Trojan horses, or worms into nodes contained in that network.
Private computer networks come in all forms and are put to many purposes. There are credit card computer networks which direct network traffic to banks for authorizations and transaction posting, there are university computer networks which maintain student or scientific research information, and there are private company computer networks which contain a variety of proprietary information. The future promises to bring even more connectivity to computer networks through such mechanisms as computerized home television and multimedia services. Providing a security system against breach by so-called crackers will be equally important to the home computer user.
Presently known security systems have often proven either to be ineffective in preventing breach of the private computer network, or have severely limited access to communication services for communicating with other networks. In general, existing security systems disable certain critical communication services between the computer networks. For example, in connection with the Internet, such important communications services as file transfer applications such as File Transfer Protocol (FTP), Trivial File Transfer Protocol (TFTP), and HTTP, and terminal emulation services such as Telnet applications have been disabled for the sake of security. However, when such services are disabled, most of the power to communicate with other computer networks is lost, leaving the private network with only basic electronic mail (E-mail) services to the public Internet, such as provided by Simple Mail Transfer Protocol (SMTP) and POP3 applications. Even with such file transfer and emulation services disabled, private networks have not been immune to breach by crackers from the public Internet or other private networks. An outsider can obtain headers from the sendmail and postscript files used in E-mail, including critical data, to enable entrance into privileged files by mimicking a legitimate user.
Such security systems have been implemented in several ways. For example, screening routers have been used to limit transmission into and out of a private network to specific sites or to specific types of transmissions. However, these limitations by their nature also severely restrict access to communication services with the public Internet or other networks.
Host-based firewalls, also known as dual-homed firewalls, provide an additional level of security by interposing a separate computer system between the private network and the public Internet network. In some dual-homed firewalls, Internet Protocol (IP) packet forwarding is disabled, preventing the firewall from routing IP packets automatically according to the addresses provided. Such dual-homed firewalls also provide a special set of Transmission Control Protocol (TCP) applications to act as proxy agents to communicate with users outside of the private network. In this way, the firewall maintains control over the communications which enter and exit the private network. For example, a user on the private network may use an application such as Telnet to log on to the host-based firewall system. The private network user is then prompted for the Internet address of the end-point. The firewall then sets up a pipe between the private network user and the end-point and monitors the connection between the points. A disadvantage identified with host-based firewalls has been the continual need to increase the size of the firewall system to support increased traffic between the private network and the public Internet network. Another disadvantage of host-based firewalls is that crackers need only to overcome the security defenses of a single computer system in order to gain access to the private network.
Another firewall system is known as bastion hosts, also known as an application level firewall, overcomes these disadvantages of host-based firewalls by providing a subnetwork of hosts to control traffic in and out of the private network. The subnetwork can be expanded by adding hosts as capacity need increases. With bastion hosts the public network is permitted to access only up to an exterior router R2, while the private network is permitted to access only up to an interior router R1. Between the routers a group of proxy hosts are provided which control access to various applications available for communication with the private and public networks. A disadvantage of this system is that code must be specially written to specify each application to be allowed through the subnetwork, making changes in application availability costly and time-consuming. Another disadvantage is the cost and complexity of maintaining a separate subnet and multiple computer systems as hosts for the system.
Accordingly, it is an object of the present invention to provide a security system for connecting a private computer network to another private or public computer network which provides full availability of services to the computer networks while maintaining the private computer network secure from unauthorized access by crackers from the public computer network or other private computer network.
Another object of the present invention is to provide a security system which can be constructed of available standard hardware and software components without requiring costly special coding or hardware.
Another object of the invention is to provide a security system contained entirely within one unit and controllable therefrom.
A further object of the present invention is to provide a security system which protects Unix and MVS hosts connected to the private computer network from unauthorized access by private network users connected to the private local area network (LAN) or wide area network (WAN).
A still further object of the present invention is to provide a security system having two computer motherboards for backing up critical network communication information from one computer motherboard to the other.
Still another object of the invention is to provide the use of unrestricted TCP/IP addresses in a private network which are not limited to the registration procedures of the public Internet, thereby allowing domain names, subnetwork masks, and TCP/IP network/host name addresses to be determined independently in the private networks.
Another object of the present invention is to provide a communication link between a first and second computer network in which the subnetwork mask which is used for communication inside the first computer network is established independently from the subnetwork mask which is presented at the interface to the second network.